Published: 08/06/2020 Updated: 06/04/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote malicious users to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rejetto http file server 2.3m

HFS Http File Server version 23m build 300 suffers from a remote buffer overflow vulnerability that can lead to a denial of service ...

TrojanWin32Sharerh malware suffers from buffer overflow, denial of service, and heap corruption vulnerabilities ...

Full Disclosure mailing list archives   By Date By Thread </form>    TrojanWin32Sharerh / Known Vulnerable Component - Heap Corruption  <!--X-Head-of-Message ...

CWE-120 https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt https://www.rejetto.com/hfs/?f=wn https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de http://seclists.org/fulldisclosure/2020/Jun/13 http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html http://seclists.org/fulldisclosure/2021/Apr/12 https://nvd.nist.gov http://seclists.org/fulldisclosure/2021/Apr/12

CVE-2020-13432

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect